Abstract
The processing of data is often restricted by contractual and legal requirements for protecting privacy and IPRs. Policies provide means to control how and by whom data is processed. Conditions of policies may depend on the previous processing of the data. However, existing policy languages do not provide means to express such conditions. In this work we present a formal model and language allowing for specifying conditions based on the history of data processing. We base the model and language on XACML.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
eXtensible Access Control Markup Language (XACML) Version 2.0. Oasis standard, OASIS (February 2005)
Web Services Policy 1.5 - Framework. W3c recommendation, W3C (September 2007)
Accorsi, R., Wonnemann, C.: Auditing workflow executions against dataflow policies. In: BIS 2010: Proceedings of the 13th International Conference on Business Information Systems (2010)
Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise Privacy Authorization Language (EPAL 1.2). Submission to W3c, W3C (November 2003)
Becker, M.Y., Sewell, P.: Becker and Peter Sewell. Cassandra: Distributed access control policies with tunable expressiveness. In: POLICY 2004: Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, Washington, DC, USA, 2004, p. 159. IEEE Computer Society Press, Los Alamitos (2004)
Gandon, F.L., Sadeh, N.M.: Semantic web technologies to reconcile privacy and context awareness. J. Web Sem. 1(3), 241–260 (2004)
Hinton, H.M., Lee, E.S.: The compatibility of policies. In: CCS 1994: Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 258–269. ACM, New York (1994)
Kagal, L., Finin, T., Joshi, A.: A policy language for a pervasive computing environment. In: IEEE International Workshop on Policies for Distributed Systems and Networks, pp. 63–75 (2003)
Lloyd, J.W.: Foundations of Logic Programming. Springer, New York (1993)
Moreau, L., Freire, J., Futrelle, J., Mcgrath, R., Myers, J., Paulson, P.: The open provenance model: An overview. In: Freire, J., Koop, D., Moreau, L. (eds.) IPAW 2008. LNCS, vol. 5272, pp. 323–326. Springer, Heidelberg (2008)
Ringelstein, C., Staab, S.: Logging in Distributed Workflows. In: Proceedings of the Workshop on Privacy Enforcement and Accountability with Semantics, Busan, South-Korea (2007)
Ringelstein, C., Staab, S.: Dialog: Distributed auditing logs. In: IEEE International Conference on Web Services, Los Angeles, CA, USA, pp. 429–436. IEEE Computer Society Press, Los Alamitos (2009)
Wang, X., Lao, G., DeMartini, T., Reddy, H., Nguyen, M., Valenzuela, E.: Xrml – extensible rights markup language. In: XMLSEC 2002: Proceedings of the 2002 ACM Workshop on XML Security, pp. 71–79. ACM, New York (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ringelstein, C., Staab, S. (2010). PAPEL: A Language and Model for Provenance-Aware Policy Definition and Execution. In: Hull, R., Mendling, J., Tai, S. (eds) Business Process Management. BPM 2010. Lecture Notes in Computer Science, vol 6336. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15618-2_15
Download citation
DOI: https://doi.org/10.1007/978-3-642-15618-2_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15617-5
Online ISBN: 978-3-642-15618-2
eBook Packages: Computer ScienceComputer Science (R0)